Are you want to authenticate your remote Linux server with public key authentication, then the ssh-copy-id command is the easiest way to copy your public key to the Linux server.
SSH key pair is widely used to authenticate SSH connection as a more secure option. SSH key pair can be used instead of password authentication. To enable Public key authentication, you need to copy your public key to a remote server. There are several options to copy your public key, but using the ssh-copy-id command is the easiest option.
In this blog post, I’ll show you how to generate a key pair and copy the public key to the remote server with the ssh-copy-id command.
Table of Contents
How to Generate SSH Key on Linux
To copy SSH public key, you need to generate SSH key pair first. If you have already generated SSH key pair, move to section II to copy your public key to the Linux server. If you did not generate SSH key pair, follow this tutorial to generate one.
Step 1: Open the Terminal
If you use a Windows system, you need to install OpenSSH in Windows Powershell to follow this tutorial. You can also create SSH key pair using PuTTY software.
If you use Linux or macOS, open your Linux terminal by pressing CTRL + ATL + T to generate SSH key pair.
Step 2: Generate the Key Pair
To generate the key pair, you can enter the following command
ssh-keygen -t rsa -b 4096You will ask to enter a file to save the key (/home/user/.ssh/id_rsa). Enter press to save the file in the default location (/home/user/.ssh/id_rsa).
If you have already created the key pair, you will prompt to overwrite the key. If you want to create new key pair, continue with y
You can choose a passphrase to encrypt your SSH key pair. If you press enter, this command will generate a keypair without a password.
This command will generate 4096-bit RSA key pair, which is the most secure key length.
Output
Your identification has been saved in /home/ashiqur/.ssh/id_rsa
Your public key has been saved in /home/ashiqur/.ssh/id_rsa.pub
The key fingerprint is:
SHA256:2JYm2xcsGMOsg/jIOXXCD3buGtPRoBwcUm5JBqxRbR8 ashiqur@Linovox
The key's randomart image is:
+---[RSA 4096]----+
|.++* |
|..* =oE |
|.. B o=. |
|..+.o.+* o |
|. .Oo++.S o |
|.o+ O..* . . |
|.+.o +. . . |
| . + . |
| ... |
+----[SHA256]-----+
Step 3: Verify the Key Pair
Once you have created the key pair, now verify that the key pair is generated successfully. To verify the key pair enter the following command
ls ~/.ssh/In the output, you should see two files names id_rsa (private key) and id_rsa.pub (public key).
Copying SSH Key to Remote Server
Once you have generated the key pair, copy the public key to the remote Linux server. There are two ways to copy your public key to the remote server. Using ssh-copy-id is a straightforward process; hence this option is recommended.
Option 1: Using ssh-copy-id command
You can copy the public key to the remote server using the following command
ssh-copy-id -i ~/.ssh/id_rsa.pub user@host-ip-address- Replace
user@host-ip-addresswith your username and host IP address.
After executing this command, you will prompt to enter your password. Once you enter your password, the ssh-copy-id command will copy id_rsa.pub to ~/.ssh/authorized_keys in host server.
Option 2: Manually Copying the Key
There is another way to copy your public to the remote server. If your system doesn’t support the ssh-copy-id command, you can still copy SSH public to your Linux VPS. For this, first, you need to copy the ssh public key. To see your SSH public, use the following command
cat ~/.ssh/id_rsa.pubThis command will show SSH public key to your terminal. Now select and copy the entire output.
Now connect to your remote server using the SSH command and edit ~/.ssh/authorized_keys. To edit this file in the nano editor, use the following command
nano ~/.ssh/authorized_keysPaste your ssh public key in authorized_keys and save the file. That’s it. You enable Public key authentication.
SSH Copy ID Examples
In the previous section, I’ve discussed the basic steps to copy a key file to the remote server. But there are more options you can use with the ssh-copy-id command.
Example 1: Copying SSH Keys to Multiple Servers
If you have multiple servers and want to use the same public key in all the servers, you can do this with the following command.
ssh-copy-id user@server1 user@server2 user@server3The servers are separated by space, and you can use more servers in the same process.
Example 2: Using SSH Copy ID with Non-Standard Port Numbers
By default, SSH uses port 22, but using the default port has some security risks. You can change the default port in the SSH connection. If you have already changed the default port to a non-standard port, you can use the ssh-copy-id command as follow
ssh-copy-id -p 2222 user@server- Where 2222 is a non-standard port. Replace this port with your custom port.
Example 3: Replace an Existing Authorized Key
If your server already has an authorized key and you want to replace the authorized key with a new public key, you can do this with the ssh-copy-id command. For this, enter the following command
ssh-copy-id -i ~/.ssh/id_rsa.pub -f user@remote_server-fflag tells the ssh-copy-id command to overwrite any existing authorized with the new public key identified by-iflag.
Conclusion
The ssh-copy-id command is an excellent tool to copy ssh public to the remote server securely. Following this blog post, you can copy your ssh public to a remote server whether your system supports the ssh-copy-id command.
